This role is responsible for identifying, evaluating and quantifying Cyber Security Risk for Cloud Solutions. This will be accomplished by consulting with Business Security Managers, Cyber Security and Digital Core teams to provide recommendations and implement controls to reduce technical cyber risk. This role must also benchmark broadly and integrate external cyber security peer perspectives.
Technical Cyber Security Risk Consultations (70%)
- Consult with Business Security Managers, Cyber Security and Digital Core team to quantitatively analyze Cloud technology – including our most critical assets - for cyber security risk, and provide appropriate technical recommendations to mitigate, transfer or accept risk.
- Provide input and socialize Cyber Security’s strategy and reference architecture for Cloud technology with relevant stakeholders, ex: Digital Core.
- Review, assess and provide feedback of architecture plans related to Cloud technology.
- Collaborate with Digital Core teams on technical cyber security requirements related to Cloud based projects.
- Manage information around accepted risks, regularly reviewing these risks with the manager of the Cyber Security Technical Risk Assessment and Insider Threat team.
- Promote a culture of cyber risk awareness by leveraging information on current threats to focus Business Security Managers and Digital Core teams’ attention on emerging risk themes and issues.
- Review, critique and provide best practices for improving cyber security controls in the Cloud.
- Build awareness with Business Security Managers and Digital Core partners around the cyber security technical risk assessment process.
- Regularly review and recommend improvements to the overall cyber security risk assessment process.
Partnerships and Benchmarking (20%)
- Maintain existing and develop new contacts within the candidate’s professional network of cyber security peers and leading security consultants/vendors.
- Continuously develops knowledge of evolving best practices through peer benchmarking, industry events/associations, and educational opportunities.
Personal and Team Development (10%)
- Seek ongoing education and learning about current trends in Cyber Security and the Cloud.
- Share knowledge and trends within the Cyber Security team to improve General Mills’ cyber security awareness.
- Bachelors degree in any degree(Management Information Systems (MIS), Computer Science or Computer Engineering preferred)
- 3+ years related experience
- Successful track record of positively influencing stakeholders.
- Strong communication and presentation skills.
- Experience establishing strong working relationships with business partners.
- A working knowledge of cyber security, cyber security technology, risk assessment and management.
- Demonstrated ability to work across organizational boundaries, and influence others.
- Ability to define and manage internal projects and milestones and demonstrated leadership skills.
- Demonstrated ability to develop and present risk information to all levels of an organization.
- Knowledge in tools and techniques used by attackers to gain unauthorized access to systems.
- Understands how corporations operate in the global economy and is familiar with operational risk concerns for international businesses.
COMPETENCIES/BEHAVIORS REQUIRED FOR THE ROLE
- Strong interpersonal, verbal, presentation, and written communication skills.
- Ability to effectively present to a wide range of audiences (senior leadership executive summaries to global updates).
- Comfortable shifting priorities and simultaneously engaging in and managing multiple projects.
- Ability to make decisions and solve problems especially where there is ambiguity.
- Ability to influence through relationship building and executive presence.
- Ability to work both independently and in a collaboratively in a team environment.
- Discretion, integrity, and independent sound judgment in both designing and implementing processes.
- Strong analytic skills with a penchant for metrics.
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and/or public sector equivalent
We exist to make food the world loves. But we do more than that. Our company is a place that prioritizes being a force for good, a place to expand learning, explore new perspectives and reimagine new possibilities, every day. We look for people who want to bring their best — bold thinkers with big hearts who challenge one other and grow together. Because becoming the undisputed leader in food means surrounding ourselves with people who are hungry for what’s next.